By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
446,212 Members | 1,110 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 446,212 IT Pros & Developers. It's quick & easy.

Check if user is authenticated

P: n/a
Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel

Dec 7 '06 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Use attributes on your classes and/or methods. You need something like
this:

[PrincipalPermissionAttribute(SecurityAction::Deman d,

Authenticated=True,
Role="Progdir")]

The Visual Studio help puts it like this:

__________________________________________________ _____________________________________
PrincipalPermissionAttribute can be used to declaratively demand that users
running your code belong to a specified role or have been authenticated. Use
of Unrestricted creates a PrincipalPermission with Authenticated set to true
and Name and Role set to a null reference (Nothing in Visual Basic).

The scope of the declaration that is allowed depends on the SecurityAction
that is used. PrincipalPermissionAttribute cannot be applied at the assembly
level.

The security information declared by a security attribute is stored in the
metadata of the attribute target and is accessed by the system at run time.
Security attributes are used only for declarative security. For imperative
security, use the corresponding permission class.

Important Prior to a demand for principal permission it is necessary to
set the current application domain's principal policy to the enumeration
value WindowsPrincipal. By default, the principal policy is set to
UnauthenticatedPrincipal. If you do not set the principal policy to
WindowsPrincipal, a demand for principal permission will fail. The following
code should be executed before the principal permission is demanded:
AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal).

Example
The following example demonstrates how PrincipalPermission can be used
declaratively to demand that the current user is Bob and belongs to the
Supervisor role.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob", Role := "Supervisor")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob",
Role="Supervisor")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob",
Role="Supervisor")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand ,
Name = "Bob", Role = "Supervisor")
*/
The following example demonstrates how to demand that the current user's
identity is Bob, regardless of role membership.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand , Name =
"Bob")
*/
The following example demonstrates how to demand only that the user is
authenticated.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Authenticated := True)Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Authenticated=true)]
__________________________________________________ ____________________________________

HTH
Peter
"shapper" <md*****@gmail.comwrote in message
news:11**********************@16g2000cwy.googlegro ups.com...
Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel



Dec 7 '06 #2

P: n/a
Sorry. Got my syntax screwed up in my first statement. Ignore what I've
said and stick to what's in the quotation from the help files.
Peter

"Peter Bradley" <pb******@uwic.ac.ukwrote in message
news:uo**************@TK2MSFTNGP02.phx.gbl...
Use attributes on your classes and/or methods. You need something like
this:

[PrincipalPermissionAttribute(SecurityAction::Deman d,

Authenticated=True,
Role="Progdir")]

The Visual Studio help puts it like this:

__________________________________________________ _____________________________________
PrincipalPermissionAttribute can be used to declaratively demand that
users running your code belong to a specified role or have been
authenticated. Use of Unrestricted creates a PrincipalPermission with
Authenticated set to true and Name and Role set to a null reference
(Nothing in Visual Basic).

The scope of the declaration that is allowed depends on the SecurityAction
that is used. PrincipalPermissionAttribute cannot be applied at the
assembly level.

The security information declared by a security attribute is stored in the
metadata of the attribute target and is accessed by the system at run
time. Security attributes are used only for declarative security. For
imperative security, use the corresponding permission class.

Important Prior to a demand for principal permission it is necessary to
set the current application domain's principal policy to the enumeration
value WindowsPrincipal. By default, the principal policy is set to
UnauthenticatedPrincipal. If you do not set the principal policy to
WindowsPrincipal, a demand for principal permission will fail. The
following code should be executed before the principal permission is
demanded:
AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal).

Example
The following example demonstrates how PrincipalPermission can be used
declaratively to demand that the current user is Bob and belongs to the
Supervisor role.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob", Role := "Supervisor")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob",
Role="Supervisor")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob",
Role="Supervisor")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand ,
Name = "Bob", Role = "Supervisor")
*/
The following example demonstrates how to demand that the current user's
identity is Bob, regardless of role membership.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand , Name =
"Bob")
*/
The following example demonstrates how to demand only that the user is
authenticated.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Authenticated := True)Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Authenticated=true)]
__________________________________________________ ____________________________________

HTH
Peter
"shapper" <md*****@gmail.comwrote in message
news:11**********************@16g2000cwy.googlegro ups.com...
>Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel



Dec 7 '06 #3

P: n/a
I taught as much that would do the trick also as Peter adviced.
Patrick

"Peter Bromberg [C# MVP]" <pb*******@yahoo.nospammin.comwrote in message
news:08**********************************@microsof t.com...
try User.IsAuthenticated, and User.IsInRoke("rolename").
Depending on whether you are using Membership, there are a lot of other
built-in methods.
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"shapper" wrote:
Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel

Dec 7 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.